package org.opensearch.repositories.gcs;

import com.google.api.client.googleapis.GoogleUtils;
import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.auth.oauth2.GoogleCredentials;
import com.google.auth.oauth2.ServiceAccountCredentials;
import com.google.cloud.ServiceOptions;
import com.google.cloud.http.HttpTransportOptions;
import com.google.cloud.storage.Storage;
import com.google.cloud.storage.StorageOptions;
import java.io.IOException;
import java.net.Authenticator;
import java.net.PasswordAuthentication;
import java.net.Proxy;
import java.net.URI;
import java.util.Collections;
import java.util.Map;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.message.ParameterizedMessage;
import org.opensearch.common.collect.MapBuilder;
import org.opensearch.common.unit.TimeValue;
import org.opensearch.core.common.Strings;

/* loaded from: input_file:org/opensearch/repositories/gcs/GoogleCloudStorageService.class */
public class GoogleCloudStorageService {
    private static final Logger logger = LogManager.getLogger(GoogleCloudStorageService.class);
    private volatile Map<String, GoogleCloudStorageClientSettings> clientSettings;
    private volatile Map<String, Storage> clientCache;
    private final GoogleApplicationDefaultCredentials googleApplicationDefaultCredentials;

    public GoogleCloudStorageService() {
        this.clientSettings = Collections.emptyMap();
        this.clientCache = Collections.emptyMap();
        this.googleApplicationDefaultCredentials = new GoogleApplicationDefaultCredentials();
    }

    public GoogleCloudStorageService(GoogleApplicationDefaultCredentials googleApplicationDefaultCredentials) {
        this.clientSettings = Collections.emptyMap();
        this.clientCache = Collections.emptyMap();
        this.googleApplicationDefaultCredentials = googleApplicationDefaultCredentials;
    }

    public synchronized void refreshAndClearCache(Map<String, GoogleCloudStorageClientSettings> map) {
        this.clientCache = Collections.emptyMap();
        this.clientSettings = MapBuilder.newMapBuilder(map).immutableMap();
    }

    public Storage client(String str, String str2, GoogleCloudStorageOperationsStats googleCloudStorageOperationsStats) throws IOException {
        Storage storage = this.clientCache.get(str2);
        if (storage != null) {
            return storage;
        }
        synchronized (this) {
            Storage storage2 = this.clientCache.get(str2);
            if (storage2 != null) {
                return storage2;
            }
            GoogleCloudStorageClientSettings googleCloudStorageClientSettings = this.clientSettings.get(str);
            if (googleCloudStorageClientSettings == null) {
                throw new IllegalArgumentException("Unknown client name [" + str + "]. Existing client configs: " + Strings.collectionToDelimitedString(this.clientSettings.keySet(), ","));
            }
            logger.debug(() -> {
                return new ParameterizedMessage("creating GCS client with client_name [{}], endpoint [{}]", str, googleCloudStorageClientSettings.getHost());
            });
            Storage createClient = createClient(googleCloudStorageClientSettings, googleCloudStorageOperationsStats);
            this.clientCache = MapBuilder.newMapBuilder(this.clientCache).put(str2, createClient).immutableMap();
            return createClient;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void closeRepositoryClient(String str) {
        this.clientCache = MapBuilder.newMapBuilder(this.clientCache).remove(str).immutableMap();
    }

    private Storage createClient(GoogleCloudStorageClientSettings googleCloudStorageClientSettings, GoogleCloudStorageOperationsStats googleCloudStorageOperationsStats) throws IOException {
        HttpTransport createHttpTransport = createHttpTransport(googleCloudStorageClientSettings);
        final GoogleCloudStorageHttpStatsCollector googleCloudStorageHttpStatsCollector = new GoogleCloudStorageHttpStatsCollector(googleCloudStorageOperationsStats);
        return createStorageOptions(googleCloudStorageClientSettings, new HttpTransportOptions(HttpTransportOptions.newBuilder().setConnectTimeout(toTimeout(googleCloudStorageClientSettings.getConnectTimeout()).intValue()).setReadTimeout(toTimeout(googleCloudStorageClientSettings.getReadTimeout()).intValue()).setHttpTransportFactory(() -> {
            return createHttpTransport;
        })) { // from class: org.opensearch.repositories.gcs.GoogleCloudStorageService.1
            public HttpRequestInitializer getHttpRequestInitializer(ServiceOptions<?, ?> serviceOptions) {
                HttpRequestInitializer httpRequestInitializer = super.getHttpRequestInitializer(serviceOptions);
                GoogleCloudStorageHttpStatsCollector googleCloudStorageHttpStatsCollector2 = googleCloudStorageHttpStatsCollector;
                return httpRequest -> {
                    if (httpRequestInitializer != null) {
                        httpRequestInitializer.initialize(httpRequest);
                    }
                    httpRequest.setResponseInterceptor(googleCloudStorageHttpStatsCollector2);
                };
            }
        }).getService();
    }

    private HttpTransport createHttpTransport(GoogleCloudStorageClientSettings googleCloudStorageClientSettings) throws IOException {
        return (HttpTransport) SocketAccess.doPrivilegedIOException(() -> {
            NetHttpTransport.Builder builder = new NetHttpTransport.Builder();
            builder.trustCertificates(GoogleUtils.getCertificateTrustStore());
            final ProxySettings proxySettings = googleCloudStorageClientSettings.getProxySettings();
            if (proxySettings != ProxySettings.NO_PROXY_SETTINGS) {
                if (proxySettings.isAuthenticated()) {
                    Authenticator.setDefault(new Authenticator() { // from class: org.opensearch.repositories.gcs.GoogleCloudStorageService.2
                        @Override // java.net.Authenticator
                        protected PasswordAuthentication getPasswordAuthentication() {
                            return new PasswordAuthentication(proxySettings.getUsername(), proxySettings.getPassword().toCharArray());
                        }
                    });
                }
                builder.setProxy(new Proxy(proxySettings.getType(), proxySettings.getAddress()));
            }
            return builder.build();
        });
    }

    StorageOptions createStorageOptions(GoogleCloudStorageClientSettings googleCloudStorageClientSettings, HttpTransportOptions httpTransportOptions) {
        StorageOptions.Builder headerProvider = StorageOptions.newBuilder().setTransportOptions(httpTransportOptions).setHeaderProvider(() -> {
            MapBuilder newMapBuilder = MapBuilder.newMapBuilder();
            if (Strings.hasLength(googleCloudStorageClientSettings.getApplicationName())) {
                newMapBuilder.put("user-agent", googleCloudStorageClientSettings.getApplicationName());
            }
            return newMapBuilder.immutableMap();
        });
        if (Strings.hasLength(googleCloudStorageClientSettings.getHost())) {
            headerProvider.setHost(googleCloudStorageClientSettings.getHost());
        }
        if (Strings.hasLength(googleCloudStorageClientSettings.getProjectId())) {
            headerProvider.setProjectId(googleCloudStorageClientSettings.getProjectId());
        }
        if (googleCloudStorageClientSettings.getCredential() == null) {
            logger.info("\"Application Default Credentials\" will be in use");
            GoogleCredentials googleCredentials = this.googleApplicationDefaultCredentials.get();
            if (googleCredentials != null) {
                headerProvider.setCredentials(googleCredentials);
            }
        } else {
            ServiceAccountCredentials credential = googleCloudStorageClientSettings.getCredential();
            URI tokenUri = googleCloudStorageClientSettings.getTokenUri();
            if (Strings.hasLength(tokenUri.toString())) {
                credential = credential.toBuilder().setTokenServerUri(tokenUri).build();
            }
            headerProvider.setCredentials(credential);
        }
        return (StorageOptions) SocketAccess.doPrivilegedException(() -> {
            return headerProvider.build();
        });
    }

    static Integer toTimeout(TimeValue timeValue) {
        if (timeValue == null || TimeValue.ZERO.equals(timeValue)) {
            return -1;
        }
        if (TimeValue.MINUS_ONE.equals(timeValue)) {
            return 0;
        }
        return Integer.valueOf(Math.toIntExact(timeValue.getMillis()));
    }
}
